You don't need a password to authenticate through this scheme, only the hash of password. So hash of password is actually a plain password from encryption side of view. So:
- Salt and hash(pass+salt) may be eavesdropped, pass is one de-hash away
- Server stores plain passwords
And that's without taking into account that unencrypted connection is always vulnerable to MITM